Security

Reply
Contributor II
Posts: 68
Registered: ‎08-20-2007

ClearPass MSSQL user database connection

I want to add an MSSQL database for an Authentication Source for a SSID. I keep getting:

2016-03-15 17:24:46,848[Th 273083 Req 14706798 SessId R0027a43e-12-56e87d9e] INFO RadiusServer.Radius - rlm_sql: searching for user arubasql in Sql:mssqlserver.company.name
2016-03-15 17:24:46,849[Th 273083 Req 14706798 SessId R0027a43e-12-56e87d9e] ERROR RadiusServer.Radius - rlm_sql (authsrc_3030): Error parsing data from database
2016-03-15 17:24:46,849[Th 273083 Req 14706798 SessId R0027a43e-12-56e87d9e] ERROR RadiusServer.Radius - rlm_sql (authsrc_3030): SQL query error; rejecting user

I'm watching the packets go by (cleartext) with the correct SELECT statement and the reply from the server. I'm not getting any errors in the Attribute Filter section either. Not sure what I'm missing. My attribute filter looks like this:

Screen Shot 2016-03-15 at 5.38.31 PM.png

I thought that perhaps the driver was the issue because my database was SQL Server 2014, so I built a SQL Server 2012 but am getting the same error.

Thanks

Contributor II
Posts: 68
Registered: ‎08-20-2007

Re: ClearPass MSSQL user database connection

In case anyone else runs into this, I did figure out my issue. I had to change my filter back so that pass was being picked up as User_Password. I also hadn't been positive about the Password Type field, if that was for the users in the database or for my initial connection to the database. It is for the users in the database.

The other part that really confused me was the tcp/ip connection timeout errors I kept getting after trying to save my filter when my filter looked correct. After sniffing packets I finally figured out that although I had a port in the Port (Optional): field; the filter tab (which I was essentially using as a diagnostic tool) completely ignores the port field, at least for the MSSQL driver. The authentication was using the correct port, but that filter tab was using the default so it kept throwing out errors. I'm running CPPM 6.5.5.78974. I setup a new database instance with default ports to not cause confusion going forward.

Search Airheads
Showing results for 
Search instead for 
Did you mean: